A non-standard but widely accepted header introduced originally by Microsoft to disable "content sniffing" or heuristic content type discovery in absence or mismatch of a proper HTTP Content-Type declaration, which led to a number of web attacks. In general, presence of the header with its only defined value of nosniff is considered as part of a properly secured HTTP response.